Microsoft said that Kremlin-backed hackers stole its proprietary source code during a January breach of its corporate network and is now using it and other secrets in follow-on attacks against customers.
The intrusion, which the software company disclosed in January, was carried out by Midnight Blizzard, the name used to track a hacking group widely attributed to the Federal Security Service, a Russian intelligence agency. Microsoft said at the time that Midnight Blizzard gained access to senior executives’ email accounts for months after first exploiting a weak password in a test device connected to the company’s network. Microsoft went on to say it had no indication any of its source code or production systems had been compromised.
Unprecedented global threat
In an update published Friday, Microsoft said it has since uncovered evidence that Midnight Blizzard did, in fact, access “some of the company’s source code repositories and internal systems.” The hacking group—which is tracked under multiple other names, including APT29, Cozy Bear, CozyDuke, The Dukes, Dark Halo, and Nobelium—has been using the proprietary information in follow-on attacks, mainly against Microsoft customers.
Read 7 remaining paragraphs | Comments
Ars Technica - All contentContinue reading/original-link]